Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/9QW296Bi-nFaTbQgErHmMSLmimM.roa
File: 9QW296Bi-nFaTbQgErHmMSLmimM.roa (raw, json)
Hash identifier: E9ov+K5MeLYijfs32nhPfTJoXoWcCnO5qOcxWiBpcl8=
Subject key identifier: F5:05:B6:F7:A0:62:FA:71:5A:4D:B4:20:12:B1:E6:31:22:E6:8A:63
Certificate issuer: /CN=a27c641b530a7c6ba234022e3327246232367100
Certificate serial: 018CC8010EF5A031DE37F739B54372D3503F
Authority key identifier: A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/9QW296Bi-nFaTbQgErHmMSLmimM.roa
Signing time: Tue 02 Jan 2024 02:29:21 +0000
ROA not before: Tue 02 Jan 2024 02:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43541
IP address blocks: 91.239.200.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 17 May 2024 13:51:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:0e:f5:a0:31:de:37:f7:39:b5:43:72:d3:50:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a27c641b530a7c6ba234022e3327246232367100
Validity
Not Before: Jan 2 02:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f505b6f7a062fa715a4db42012b1e63122e68a63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:7f:87:dd:15:08:ec:f7:2d:d0:e3:2e:46:4c:
ea:f7:77:47:bf:d1:c8:dd:73:a4:7f:e4:41:a1:34:
26:79:3d:32:c1:37:cb:0c:9b:4e:49:7b:93:a5:e6:
fe:36:b2:ab:83:20:e1:93:00:e5:b4:f9:eb:f5:df:
83:d7:97:ff:af:5b:37:f5:bd:21:07:cd:1e:34:17:
32:a0:ea:5f:e2:0c:e9:fb:1f:04:fb:78:a7:43:9b:
1b:f3:ee:c7:4e:8a:09:d3:8a:5e:ed:6f:1e:17:4b:
e3:dc:b8:3e:8f:3d:43:cb:7e:15:cb:f0:dc:12:cf:
6e:16:f5:08:f5:56:0e:c2:e4:17:db:ed:ce:96:78:
57:29:89:c5:ab:02:c1:37:1b:ea:bc:ec:d2:7a:8a:
2b:9f:35:4d:0b:b2:7c:2a:be:0e:96:da:ff:f5:97:
8d:2c:3b:8e:21:09:e6:93:8d:ee:e4:33:82:6a:02:
b1:89:3d:04:98:aa:eb:54:2f:69:5d:4f:0f:fd:c4:
d1:8f:6b:5a:3b:57:ee:c2:33:15:04:bc:50:44:7c:
76:9b:04:e8:3b:d1:c1:67:b5:69:48:d2:32:84:0b:
9c:20:ed:88:39:02:07:59:62:09:ea:30:ed:83:e9:
8e:ad:f8:e9:81:60:98:f5:c1:91:ae:96:fa:c8:e4:
f3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:05:B6:F7:A0:62:FA:71:5A:4D:B4:20:12:B1:E6:31:22:E6:8A:63
X509v3 Authority Key Identifier:
keyid:A2:7C:64:1B:53:0A:7C:6B:A2:34:02:2E:33:27:24:62:32:36:71:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/onxkG1MKfGuiNAIuMyckYjI2cQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/9QW296Bi-nFaTbQgErHmMSLmimM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/006f56-1d8e-45cc-8694-1f188fcce855/1/onxkG1MKfGuiNAIuMyckYjI2cQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.200.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:68:d8:47:a7:18:ed:71:e9:cd:a1:76:92:fb:c4:22:18:bb:
bb:70:58:64:86:34:07:5f:86:c5:1f:02:5d:e5:bb:40:49:a0:
39:99:44:f3:09:63:8c:fa:a5:9c:b4:96:aa:b0:ff:82:1c:cc:
95:b2:9f:1a:76:4e:42:c1:fa:17:4a:a2:95:b1:86:f8:f1:a8:
7f:69:31:79:bc:cd:65:28:4a:38:19:36:99:20:10:23:f1:8e:
c1:19:96:ef:26:ce:01:fd:a2:3a:1c:b0:72:6f:aa:30:50:38:
6c:00:33:bd:fa:92:e3:9c:cc:e0:3e:f5:be:0f:e3:27:58:fc:
9b:86:51:cc:a8:a8:30:8e:08:a9:47:23:0b:0b:62:97:79:9e:
00:60:72:af:a5:00:fc:94:b2:f3:3c:d4:2f:a7:4c:84:a3:e7:
6d:79:57:cd:a0:7f:78:62:b5:e4:ff:55:fa:b4:e1:08:7e:23:
66:12:c7:f2:45:1d:e5:b5:df:9d:58:4c:dd:b2:e1:c3:41:59:
3d:08:2d:8e:b9:f4:ae:4d:6a:f1:fa:44:c4:8b:08:bf:37:07:
63:e7:b5:3d:1b:13:7d:58:57:d9:d6:0e:bf:f8:3e:98:8d:12:
f1:86:43:0f:06:7b:8c:b2:61:b2:a2:ae:f3:9a:34:7f:0d:5c:
6c:e2:ba:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAQ71oDHeN/c5tUNy01A/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyN2M2NDFiNTMwYTdjNmJhMjM0MDIyZTMzMjcyNDYyMzIz
NjcxMDAwHhcNMjQwMTAyMDIyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTA1YjZmN2EwNjJmYTcxNWE0ZGI0MjAxMmIxZTYzMTIyZTY4YTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0n+H3RUI7Pct0OMuRkzq93dHv9HI
3XOkf+RBoTQmeT0ywTfLDJtOSXuTpeb+NrKrgyDhkwDltPnr9d+D15f/r1s39b0h
B80eNBcyoOpf4gzp+x8E+3inQ5sb8+7HTooJ04pe7W8eF0vj3Lg+jz1Dy34Vy/Dc
Es9uFvUI9VYOwuQX2+3OlnhXKYnFqwLBNxvqvOzSeoornzVNC7J8Kr4Oltr/9ZeN
LDuOIQnmk43u5DOCagKxiT0EmKrrVC9pXU8P/cTRj2taO1fuwjMVBLxQRHx2mwTo
O9HBZ7VpSNIyhAucIO2IOQIHWWIJ6jDtg+mOrfjpgWCY9cGRrpb6yOTzWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPUFtvegYvpxWk20IBKx5jEi5opjMB8GA1UdIwQY
MBaAFKJ8ZBtTCnxrojQCLjMnJGIyNnEAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQt
MWYxODhmY2NlODU1LzEvOVFXMjk2QmktbkZhVGJRZ0VySG1NU0xtaW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8wMDZmNTYtMWQ4ZS00NWNjLTg2OTQtMWYxODhmY2NlODU1
LzEvb254a0cxTUtmR3VpTkFJdU15Y2tZakkyY1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+/IMA0G
CSqGSIb3DQEBCwUAA4IBAQAeaNhHpxjtcenNoXaS+8QiGLu7cFhkhjQHX4bFHwJd
5btASaA5mUTzCWOM+qWctJaqsP+CHMyVsp8adk5CwfoXSqKVsYb48ah/aTF5vM1l
KEo4GTaZIBAj8Y7BGZbvJs4B/aI6HLByb6owUDhsADO9+pLjnMzgPvW+D+MnWPyb
hlHMqKgwjgipRyMLC2KXeZ4AYHKvpQD8lLLzPNQvp0yEo+dteVfNoH94YrXk/1X6
tOEIfiNmEsfyRR3ltd+dWEzdsuHDQVk9CC2OufSuTWrx+kTEiwi/Nwdj57U9GxN9
WFfZ1g6/+D6YjRLxhkMPBnuMsmGyoq7zmjR/DVxs4rob
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:58 2025 by rpki-client